Sharing Infosec Information

Infosecurity is hitting the mainstream.

While this may not be news to you, gentle readers, it is still both astonishing and a bit strange to me to find any crossover from the seemingly secluded world of computer/Internet security into that everyday one outside my office windows.

In the particular case to which I refer now, online fraud was the topic being put forth. Now, I'll concede that this subject has been getting a lot of attention for some time, but it and other IT security issues are being covered in any number of ways in any number of marketing, publishing and informational outlets as of late. Seems that Sept. 11 has opened the eyes of more than a few professionals when it comes to both physical and cyber security.

Anyway, as I casually thumbed through my February issue of National Geographic the other day, I found it quite interesting to see a double-page advertisement from VeriSign. In it, the company chides viewers for blindly trusting the strength offered by 400-year-old Corinthian columns holding up a 15,000-ton dome, while at the same time being 'wary' to use their credit cards online.

The mere fact that such an ad was in a well-read and long-standing publication like National Geographic proves to me that even the average Joe is worried about security. My logic follows that if Joe is concerned about using his credit card online, I'm sure he has also thought about online privacy issues, as well as how his personal details are protected by e-commerce businesses that collect and store them. Given all the news coverage Code Red, Nimda and various hack attacks receive, I'm betting Joe feels pretty fine with being 'wary' about using his credit card online and, perhaps, may even feel dandy with the decision not to share too many personal details in any form online.

However, companies like VeriSign offer authentication and payment solutions that are designed to help Joe and others like him feel better about shopping and doing other forms of e-business online. After all, it is an Internet world in which we live, right?

The problem is that in-depth information about such infosecurity solutions is just now starting to go mainstream... I mean, really mainstream, not that stuff you might appreciate as a subscriber to industry publications like SC Magazine. Yet, statistical information that shows just how scary cyberspace can be has often been considered top-of-the-list newsworthy material for a long while with the six-o'clock newscasters. Take for instance that Internet Fraud Watch (www.fraud.org) has found that the amount of money online consumers lose to fraud is rising. In 2000, overall online fraud was at about $3.4 million dollars. Last year, it had risen to about $4.4 million. The average loss per person for, say, 'general merchandise sales' stands at about $850.

Now, being a journalist, I understand that such findings provide the stuff of leading news stories. These are the bits of which oft-repeated teasers are made. Some poor online store's customer database being hacked into is pretty juicy stuff. Just as juicy, though, would be a follow-up story or adjoining report on how online customers can best protect personal details from such hack attacks. Of course, the onus is on e-commerce sites to step up and get down to business when it comes to protecting their own proprietary data and that of their customers, partners and other business affiliations. I mean, come on - online businesses can lose market share, customers, and sadly watch their bottom line plummet to near bankruptcy if hit by a half-way knowledgeable hacker. If choosing to do business online, companies should take the time to secure that business and those who patronize it.

Still, online consumers need to be Internet security savvy, too. Part of this can be achieved when the same news outlets that are taking infosecurity crimes mainstream make more moves to take infosecurity protections and solutions mainstream, as well. Simply put, this kind of stuff - the stuff to help solve the problems - should be covered more.

For example, just after reading that VeriSign ad, and at their urging that if I wanted to "feel as comfortable in the digital world" as I do "in the real one," I - with my consumer hat on, decided to hit the company's web site. Upon reading a bit about what the company does, most of which we've covered in our hardcopy editions, I put my press hat back on and dove into the "News Center." There, I found some pretty sound advice about safely shopping on the Internet. According to the company's "Top Ten Safe Shopping Tips," consumers can protect themselves when buying stuff online by doing a number of simple exercises. By researching the companies they plan to do business with, using web sites that offer protection through encryption, checking out the fine print and privacy policies on these web sites, checking that companies have been 'authenticated' as real businesses (usually a seal from an authentication security company shows this), as well as following a few more VeriSign's suggestions, will help the average Joe to feel more comfortable with doing business online.

These pieces of information weren't all that difficult to find. Undoubtedly, the average Joe could do a search on infosecurity solutions and come up with some good stuff. However, the average Joe may be too busy to find this stuff on his own without a little needling from information outlets. So, it's also up to those guys taking information security mainstream to provide some sound answers. It really is good seeing these news providers take an interest in cybercrime, but it'd be even better if they took an interest in the security mechanisms to protect against it.

It is plain that the crossover of infosecurity into that world outside my windows is slowly happening. I'm sure that as this crossover continues the information sharing about the cyberworld will get better, deeper. If the likes of VeriSign through National Geographic, Computer Associates through national television stations, Guidance Software's John Patzakis through NPR, or any of the other tons of industry players have anything to do with it, infosecurity won't be so foreign to the average Joe. Heck, infosecurity and all those infamous hack attacks and viruses will probably one day become just plain, old average news to good old cyber-savvy Joe.

All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.Your use of this website
constitutes acceptance of nextmedia's Privacy Policy and
Terms & Conditions.